Auto provision system and method for customer premises equipment

ABSTRACT

An auto provision system and method for a customer premises equipment (CPE) include: connecting a CPE to a provision platform through a network; authenticating the CPE by the provision platform and generating and transmitting a corresponding setting file to the CPE by the provision platform; and the CPE updating the configuration thereof by using the received setting file, thereby saving manual costs for ISPs (Internet Service Providers), ensuring ease of use, and enhancing information security.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates generally to auto provision systems and methods for customer premises equipments (CPEs), and more particularly, to a provision system and method that provide a setting file by an installation platform to a CPE for auto configuration update.

2. Description of Related Art

Along with the development of network techniques, construction of network systems is speeded up. Users can make various activities through networks, for example, searching, browsing, shopping or chatting.

Generally, users access the Internet through ISPs (Internet Service Providers) that are companies or organizations offering Internet access and network services to users. These companies buy connection equipments and rent lines and bandwidths and provide them to users. In order to access the Internet and use various types value-added services provided by an ISP, a customer premises equipment (CPE) at a user end needs to be connected to a server of the ISP.

A CPE can be such as a modem, a router, a network phone, a network fax and so on. Since ordinary users lack professional provision knowledge of CPEs, the configuration of the CPEs need to be set up by engineers from ISPs or from outsourcing companies of the ISPs, which however has disadvantages as follows:

-   -   (1) Operation costs for the ISPs increase, because the ISPs need         to employ a large number of engineers for configuration update         of the CPEs.     -   (2) Inconvenience in usage. Since the number of users is far         larger than that of the engineers, it is difficult for the         engineers to provide timely services to the users, thus causing         inconvenience to the users in usage of networks.     -   (3) Risk of data leakage. User IDs or account passwords are         often required in configuration update of the CPEs, which poses         a potential risk of data leakage.

Therefore, that is a need to provide an auto provision system and method for a CPE such that the configuration of the CPE can be set up with increased security, at greater convenience and lower cost.

SUMMARY OF THE INVENTION

In view of the above disadvantages of the prior art, an objective of the present invention is to provide an auto provision system and method for a CPE (Customer Premises Equipment) so as to decrease the manual cost.

Another objective of the present invention is to provide an auto provision system and method for a CPE so as to achieve quick configuration update of a CPE and facilitate its usage.

A further objective of the present invention is to provide an auto provision system and method for a CPE so as to reduce the risk of user data leakage.

In order to attain the above and other objectives, the present invention provides an auto provision system and method for a CPE applicable to a network. The auto provision system comprises: a CPE; and a provision platform, wherein the CPE is connected to the provision platform through the network such that the provision platform generates a setting file corresponding to the CPE and transmits the setting file to the CPE for auto configuration update. The provision platform further comprises: a database device for storing provision data of the CPE; an authentication device for authenticating the CPE by using the provision data; and an auto provision device for generating the setting file corresponding to the CPE according to an authentication notice of the authentication device and transmitting the setting file to the CPE such that the CPE can update the configuration thereof by using the received setting file.

The auto provision method for a CPE according to the present invention comprises the following steps: (1) connecting a CPE to a provision platform through the network; (2) authenticating the CPE by the provision platform; (3) generating and transmitting a corresponding setting file by the provision platform to the CPE through the network; and (4) the CPE updating the configuration thereof by using the received setting file.

In a preferred embodiment, step (2) further comprises: (2-1) an auto provision device determining the CPE is a recognized device; (2-2) the auto provision device requesting an authentication device to authenticate the CPE; and (2-3) the authentication device authenticating the CPE by using provision data.

In another preferred embodiment, step (3) further comprises: (3-1) the provision platform generating the setting file corresponding to the CPE and encrypting the setting file; and (3-2) the provision platform transmitting the encrypted setting file to the CPE through the network. Step (4) further comprises: (4-1) the CPE decrypting the setting file; and (4-2) the CPE updating the configuration thereof by using the decrypted setting file.

Compared with prior art, the present invention authenticates a CPE through a provision platform and in the case the authentication is successful, the provision platform generates a setting file corresponding to the CPE and transmits the setting file to the CPE such that the CPE can update the configuration thereof by using the received setting file, thereby saving the manual cost, increasing convenience in usage and data security.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is a diagram of an auto provision system for a customer premises equipment (CPE) according to the present invention;

FIG. 2 is a diagram of the auto provision system for the CPE according to a preferred embodiment of the present invention;

FIG. 3 is a diagram of the auto provision system for the CPE according to another preferred embodiment of the present invention;

FIG. 4 is a flow chart of an auto provision method for a customer premises equipment (CPE) according to the present invention; and

FIG. 5 is a flow chart of the auto provision method for the CPE according to a preferred embodiment of the present invention.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

The following illustrative embodiments are provided to illustrate the disclosure of the present invention, these and other advantages and effects can be apparent to those skilled in the art after reading the disclosure of this specification.

FIG. 1 is a diagram of an auto provision system for a customer premises equipment (CPE) according to the present invention. As shown in the drawing, the system comprises a CPE 10, a network 11, and a provision platform 12.

The CPE 10 can be any equipment disposed at a user end and having specific functions. In the present invention, the CPE 10 is an electronic device capable of connecting the network 11, such as a communication device, a connection device, a routing device, a network access device, or a combination thereof.

The network 11 is a medium for data transmission, which can be a wired network or a wireless network. The wired network is, for example, the Internet, a local area network, a wide area network, a virtual private network, or a combination thereof. The wireless network is, for example, a wireless local area network, a cellular communication network, a worldwide interoperability for microwave access (WiMAX), or a combination thereof.

The CPE 10 is connected to the provision platform 12 through the network 11 such that the provision platform 12 generates a setting file corresponding to the CPE 10 and transmits the setting file to the CPE 10 for auto configuration update of the CPE 10 and firmware upgrade. For example, a provision server at an ISP (Internet Service Provider) end is capable of generating configuration-specific setting files corresponding to a plurality of CPEs 10 for remote configuration update of the CPEs 10, respectively. The provision platform 12 further comprises: a database device 120, an authentication device 121 and an auto provision device 122.

The database device 120 is configured for storing provision data of the CPE 10. The provision data may be a hardware serial number of the equipment, a connection circuit number, a physical address of the equipment, an operation mode of the equipment, a network address of the user end, a user ID, a user contact number, an account password, or a combination thereof.

The authentication device 121 authenticates the CPE 10 through the above-described provision data, thereby avoiding the use of unauthenticated CPEs by users.

The auto provision device 122 generates the setting file corresponding to the CPE 10 according to an authentication notice of the authentication device 121 and transmitting the setting file to the CPE 10 for auto configuration update and firmware upgrade. Since various configuration-specific setting data of various devices at the user end, such as network addresses, network areas and account passwords, is stored in the provision platform 12, the auto provision device 122 can conveniently generate a configuration-specific setting file corresponding to the CPE 10 for auto configuration update.

In practice, the CPE 10 is connected to the provision platform 12 through the network 11 by a predetermined connection method so as for the auto provision device 122 to determine whether the CPE 10 is a recognized device. Then, the auto provision device 122 requests the authentication device 121 to authenticate the CPE 10. The authentication device 121 authenticates the CPE 10 according to the provision data in the database device 120. Finally, the auto provision device 122 generates a setting file corresponding to the CPE 10 and transmits the setting file to the CPE 10 for auto configuration update and firmware upgrade.

FIG. 2 is a diagram of the auto provision system for the CPE according to a preferred embodiment of the present invention. As shown in the drawing, the system comprises a CPE 20, a network 21 and a provision platform 22.

Compared with FIG. 1, the provision platform 22 of the present embodiment further comprises an equipment database 220, a user database 221, an equipment information authentication module 222, a circuit information authentication module 223, a setting file generation module 224 and a setting file encryption module 225.

The equipment database 220 stores related setting and configuration data of the CPE 20. Base on the data, the provision platform 22 can determine whether the CPE 20 is a recognized device and the setting file generation module 224 can automatically generate the setting file.

The user database 221 stores application data of the user. When the user applies to an ISP for a network connection service, the ISP stores the application data of the user, such as a physical address, a circuit information, or a network address in the user database 221. Based on these data, the system can authenticate the CPE 20 and the setting file generation module 224 can automatically generate the setting file.

The equipment information authentication module 222 authenticates the equipment information of the CPE 20. When the CPE 20 is connected to the provision platform 22 through the network 21, the equipment information authentication module 222 accesses data from the equipment database 220 so as to determine whether the equipment information of the CPE 20 is recognized by the provision platform 22.

The circuit information authentication module 223 authenticates the circuit information of the CPE 20. After the provision platform 22 determines that the CPE 20 is a recognized device, the circuit information authentication module 223 accesses application data from the user database 221 so as to determine whether the network connection data of the CPE 20 is recognized.

The setting file generation module 224 generates a setting file corresponding to the CPE 20. Since different CPEs have different configurations and modes of setting, the provision platform 22 authenticates the CPE 20 through the equipment database 220 and the user database 221 so as to generate the corresponding provision setting file required for timely update and proper operation of the CPE 20.

The setting file encryption module 225 encrypts the setting file. The setting file is encrypted before being transmitted to the CPE 20 so as to reduce the risk of data leakage during transmission.

In practice, the CPE 20 is connected to the provision platform 22 through the network 21, and the equipment information authentication module 222 accesses the equipment data from the equipment database 220 so as to determine whether the CPE 20 is a recognized device. Then, the circuit information authentication module 223 accesses the application data from the user database 221 so as to authenticate the CPE 20. Upon successful authentication, the setting file generation module 224 generates the setting file corresponding to the CPE 20, and the setting file encryption module 225 encrypts the setting file. Finally, the encrypted setting file is transmitted to the CPE 20, and the CPE 20 decrypts the setting file, so as to enable configuration update of the CPE 20 to take place.

In a preferred embodiment, the equipment data is a hardware serial number, a circuit number, a physical address, an operation mode, a network address, or a combination thereof. The application data is ID, a contact number, an account password, or a combination thereof.

FIG. 3 is a diagram of the auto provision system for the CPE according to another embodiment of the present invention. As shown in the drawing, the system comprises a connection modem 30, Internet 31, an auto provision platform 32, and service websites 33.

In the present embodiment, when the user applies to an ISP for an Internet connection service, the user obtains a connection modem 30. After the connection modem 30 has connected the user's PC (wherein the connection between the connection modem 30 and the user's PC is effectuated by a cable line) and a network interface, configuration of the connection modem 30 has to be set up for Internet connection service. In this case, the connection modem 30 can be connected to the auto provision platform 32 through the Internet 31 by a predetermined connection method, and the predetermined connection method may be limited such that only the auto provision platform 32 is available for connection with the connection modem 30. An authentication server 322 authenticates the connection modem 30 through an equipment database 320 and a user database 321. After the authentication, an auto provision server 323 generates a configuration-specific setting file corresponding to the connection modem 30 and transmits the setting file to the connection modem 30 for configuration update. Upon completion of configuration update, the connection modem 30 can work properly with its new configuration, and thus the user's PC can be connected to various service websites 33 through the connection modem 30.

FIG. 4 is a flow chart of an auto provision method for a CPE according to the present invention. As shown in the drawing, the auto provision method comprises the following steps.

At step S40, a CPE is connected to a provision platform through a network by using a predetermined connection method, wherein the network is the Internet, a local area network, a wide area network, a virtual private network, or a combination thereof. The CPE is a communication device, a connection device, a routing device, a network access device, or a combination thereof. Then, go to step S41.

At step S41, the provision platform authenticates the CPE so as to determine whether the CPE is a recognized equipment and whether the user data in the database coincides with the connected user information (for example, the physical address and circuit information). Then, go to step S42.

At step S42, the provision platform generates a setting file corresponding to the CPE and transmits the setting file to the CPE. Then, go to step S43.

At step S43, the CPE updates the configuration thereof by using the received setting file.

In a preferred embodiment, step S41 further comprises: the provision platform determining the CPE is a recognized device and the provision platform requests the authentication device to authenticate the CPE, the authentication device authenticating the CPE by using provision data.

In another preferred embodiment, the provision data is a hardware serial number, a circuit number, a physical address, an operation mode, a network address, ID, a contact number, an account password, or a combination thereof.

In another preferred embodiment, step S42 further comprises: the provision platform generating the setting file corresponding to the CPE and encrypting the setting file and transmitting the encrypted setting file to the CPE. Step S43 further comprises: the CPE decrypting the setting file and updating the configuration thereof by using the decrypted setting file.

FIG. 5 is a flow chart of the auto provision method according to a preferred embodiment of the present invention. As shown in the drawing, the auto provision method comprises the following steps.

At step S50, a CPE is connected to an auto provision server by using a predetermined account, and the physical address, product type and network address of the CPE are provided to the auto provision server. Then, go to step S51.

At step S51, the auto provision server obtains a physical address and product type from an equipment database and compares them with those from the CPE so as to determine whether the CPE is a recognized device. Then, go to step S52.

At step S52, the auto provision server requests the authentication server to determine whether the equipment information of the CPE coincides with the equipment information of the application data in the database. Then, go to step S53.

At step S53, the authentication server finds the circuit information of the user according to the network address so as to determine the user ID and determine whether the physical address of the CPE is owned by the user. Then, go to step S54.

At step S54, upon successful authentication, the authentication server transmits the authentication result and provision data to the auto provision server. Then, go to step S55.

At step S55, the auto provision server writes the provision data to the equipment database and generates a corresponding configuration-specific setting file according to the provision data. Then, go to step S56.

At step S56, the auto provision server encrypts the setting file and transmits the encrypted setting file to the CPE. Then, go to step S57.

At step S57, the CPE decrypts the setting file and updates the configuration thereof by using the decrypted setting file. After the update, the CPE operates under the new configuration.

According to the present embodiment, a CPE can be remotely authenticated by a provision platform and updated by using a configuration-specific setting file generated by the provision platform, thereby achieving auto configuration update of the CPE. Therefore, the CPE can be conveniently used in a plug-and-play manner, and further the manual cost for ISPs is saved and risk of the user data leakage is avoided.

Therefore, the auto provision system and method for a CPE according to the present invention achieve the following effects:

-   -   (1) Ease of use of CPEs. The present invention eliminates the         need of additional settings for CPEs. Instead, CPEs only need to         be connected to a provision platform for auto configuration         update. Therefore, even a non-professional person can         conveniently use CPEs.     -   (2) Reduced operation costs for ISPs. Given the present         invention, ISPs do not need to assign engineers to locations of         CPEs for configuration update, thereby reducing the operation         cost.     -   (3) Prevention of leakage of user data. Since update and setting         of CPEs require user application data or equipment data, if         these data are known by provision engineers, there exists a         potential risk of leakage of user data. The present invention         eliminates the need of manual update of the CPEs, thereby         greatly reducing the risk of data leakage.

The above-described descriptions of the detailed embodiments are only to illustrate the preferred implementation according to the present invention, and it is not to limit the scope of the present invention. Accordingly, all modifications and variations completed by those with ordinary skill in the art should fall within the scope of present invention defined by the appended claims. 

1. An auto provision system for a CPE (Customer Premises Equipment), applicable to a network, the auto provision system comprising: a CPE; and a provision platform connected to the CPE through the network so as to allow the provision platform to generate a setting file corresponding to the CPE and transmit the setting file to the CPE for auto configuration update thereof.
 2. The system of claim 1, wherein the provision platform further comprises: a database device for storing provision data of the CPE; an authentication device for authenticating the CPE by using the provision data; and an auto provision device for generating the setting file corresponding to the CPE according to an authentication notice of the authentication device and transmitting the setting file to the CPE, thereby allowing the CPE to update the configuration thereof by using the setting file received.
 3. The system of claim 1, wherein the network is Internet, a local area network, a wide area network, a virtual private network, or a combination thereof.
 4. The system of claim 1, wherein the CPE is a communication device, a connection device, a routing device, a network access device, or a combination thereof.
 5. The system of claim 2, wherein the database device further comprises: an equipment database for storing equipment data of the CPE, and a user database for storing application data of the CPE.
 6. The system of claim 5, wherein the equipment data is a hardware serial number, a circuit number, a physical address, an operation mode, a network address, or a combination thereof.
 7. The system of claim 5, wherein the application data is ID, a contact number, an account password, or a combination thereof.
 8. The system of claim 2, wherein the authentication device further comprises: a circuit information authentication module for authenticating the circuit information of the CPE, and an equipment information authentication module for authenticating the equipment information of the CPE.
 9. The system of claim 2, wherein the auto provision device further comprises: a setting file generation module for generating the setting file corresponding to the CPE, and a setting file encryption module for encrypting the setting file.
 10. The system of claim 9, wherein the auto provision device transmits the encrypted setting file to the CPE, and the CPE decrypts the setting file and updates the configuration thereof by using the decrypted setting file.
 11. An auto provision method for a CPE, applicable to a network, the auto provision method comprising the steps of: (1) connecting a CPE to a provision platform through the network; (2) authenticating the CPE by the provision platform; (3) generating and transmitting a corresponding setting file by the provision platform to the CPE through the network; and (4) the CPE updating the configuration thereof by using the received setting file.
 12. The method of claim 11, wherein the network is Internet, a local area network, a wide area network, a virtual private network, or a combination thereof.
 13. The method of claim 11, wherein the CPE is a communication device, a connection device, a routing device, a network access device, or a combination thereof.
 14. The method of claim 11, wherein step (2) further comprises: (2-1) an auto provision device determining whether the CPE is a recognized device; (2-2) the auto provision device requesting an authentication device to authenticate the CPE; and (2-3) the authentication device authenticating the CPE by using provision data.
 15. The method of claim 14, wherein the provision data is a hardware serial number, a circuit number, a physical address, an operation mode, a network address, ID, a contact number, an account password, or a combination thereof.
 16. The method of claim 11, wherein step (3) further comprises: (3-1) the provision platform generating the setting file corresponding to the CPE and encrypting the setting file; and (3-2) the provision platform transmitting the encrypted setting file to the CPE through the network.
 17. The method of claim 11, wherein step (4) further comprises: (4-1) the CPE decrypting the setting file; and (4-2) the CPE updating the configuration thereof by using the decrypted setting file. 